Route Origin Authorization
$ rpki-client -vvf repo-rpki.idnic.net/repo/0221ad67-d35c-4559-9a73-7c74f50dcffa/0/3130332e34372e3232382e302f32322d3234203d3e20313333383034.roa
File: 3130332e34372e3232382e302f32322d3234203d3e20313333383034.roa (raw, json)
Hash identifier: TGUwu0nuI/nHXv+OvcAuC62Ip0yQ/F0AIBOfkIX0+0U=
Subject key identifier: 71:86:03:7E:25:CA:9A:93:F1:E6:34:C8:1B:9A:CD:BB:C5:E0:B1:DE
Certificate issuer: /CN=56369FDBBCDE685B4440429A22B7967BBC3C5E36
Certificate serial: 0A6928C2988C391C47DBA7D6539D73E29019F1E3
Authority key identifier: 56:36:9F:DB:BC:DE:68:5B:44:40:42:9A:22:B7:96:7B:BC:3C:5E:36
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/56369FDBBCDE685B4440429A22B7967BBC3C5E36.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/0221ad67-d35c-4559-9a73-7c74f50dcffa/0/3130332e34372e3232382e302f32322d3234203d3e20313333383034.roa
Signing time: Fri 30 Jul 2021 03:38:09 +0000
ROA not before: Fri 30 Jul 2021 03:33:09 +0000
ROA not after: Sat 30 Jul 2022 03:38:09 +0000
asID: 133804
IP address blocks: 103.47.228.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:69:28:c2:98:8c:39:1c:47:db:a7:d6:53:9d:73:e2:90:19:f1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56369FDBBCDE685B4440429A22B7967BBC3C5E36
Validity
Not Before: Jul 30 03:33:09 2021 GMT
Not After : Jul 30 03:38:09 2022 GMT
Subject: CN=3082010A0282010100B46184A96C2060D48365C2DDC51C65DF873F5A54AB504C2F2989E0D31DFB8C2C9705C99A31090640A9CB21CE47ACD204C7489FC84D961F020CD88473085BBEE236A406EBC109FD3B8F4EAE5FDEF1654B778CE29E2BB762F2B9EEF4E6C46140B28CE28924182292E6FDFEEE7DA92923A1A8B74DA71C536F53D7177FB69BB55664AF246A3D378877A905ECFE381A63B55ACAEE0F8BE733616C25A71C1C242C200F5F1A15C84869801F6D1A2A77A6448B00D781923716ADEE89662747F40C98C407BD476BDC258B9CD29F3B0051FCC2184EB0441B748A5143473FA263CCACA10BC971D11E11140E232F3745915D4A85124231ECA8741B11B159EDE491FAA1EACECF0203010001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:61:84:a9:6c:20:60:d4:83:65:c2:dd:c5:1c:
65:df:87:3f:5a:54:ab:50:4c:2f:29:89:e0:d3:1d:
fb:8c:2c:97:05:c9:9a:31:09:06:40:a9:cb:21:ce:
47:ac:d2:04:c7:48:9f:c8:4d:96:1f:02:0c:d8:84:
73:08:5b:be:e2:36:a4:06:eb:c1:09:fd:3b:8f:4e:
ae:5f:de:f1:65:4b:77:8c:e2:9e:2b:b7:62:f2:b9:
ee:f4:e6:c4:61:40:b2:8c:e2:89:24:18:22:92:e6:
fd:fe:ee:7d:a9:29:23:a1:a8:b7:4d:a7:1c:53:6f:
53:d7:17:7f:b6:9b:b5:56:64:af:24:6a:3d:37:88:
77:a9:05:ec:fe:38:1a:63:b5:5a:ca:ee:0f:8b:e7:
33:61:6c:25:a7:1c:1c:24:2c:20:0f:5f:1a:15:c8:
48:69:80:1f:6d:1a:2a:77:a6:44:8b:00:d7:81:92:
37:16:ad:ee:89:66:27:47:f4:0c:98:c4:07:bd:47:
6b:dc:25:8b:9c:d2:9f:3b:00:51:fc:c2:18:4e:b0:
44:1b:74:8a:51:43:47:3f:a2:63:cc:ac:a1:0b:c9:
71:d1:1e:11:14:0e:23:2f:37:45:91:5d:4a:85:12:
42:31:ec:a8:74:1b:11:b1:59:ed:e4:91:fa:a1:ea:
ce:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:86:03:7E:25:CA:9A:93:F1:E6:34:C8:1B:9A:CD:BB:C5:E0:B1:DE
X509v3 Authority Key Identifier:
keyid:56:36:9F:DB:BC:DE:68:5B:44:40:42:9A:22:B7:96:7B:BC:3C:5E:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/0221ad67-d35c-4559-9a73-7c74f50dcffa/0/56369FDBBCDE685B4440429A22B7967BBC3C5E36.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/56369FDBBCDE685B4440429A22B7967BBC3C5E36.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0221ad67-d35c-4559-9a73-7c74f50dcffa/0/3130332e34372e3232382e302f32322d3234203d3e20313333383034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.47.228.0/22
Signature Algorithm: sha256WithRSAEncryption
70:83:58:01:39:e8:a6:60:b9:a2:38:de:bb:c6:97:b1:e9:55:
10:16:d4:48:1d:cc:79:5c:c3:f9:ef:be:76:23:89:b3:d3:36:
43:ee:4f:98:80:8e:56:ac:e8:76:49:e7:34:f9:e7:d2:9b:55:
98:a0:b7:b0:cc:3b:51:ef:0f:01:28:78:10:da:93:66:97:1c:
77:2c:66:25:80:ad:46:0a:eb:74:1a:c4:cc:ac:52:d2:5a:69:
ac:47:5b:4c:4d:5e:d6:65:ed:48:4a:83:61:da:fb:ec:d3:a3:
6a:ee:7f:57:ef:7b:2f:34:39:c2:25:51:d1:93:64:a1:d1:f7:
53:e9:a0:56:a1:78:68:e6:fb:cc:d3:95:35:3a:52:42:83:a5:
3e:d5:3f:2b:49:02:df:a4:7a:fc:28:95:a5:86:96:15:cb:f7:
d6:3d:13:28:06:90:60:5f:67:2f:c1:0b:55:b7:ab:d0:18:08:
62:b0:6a:4d:c1:a8:ae:77:8a:4c:9b:98:2f:9f:b7:19:36:fd:
22:47:92:61:cf:b2:91:f9:27:e2:d8:c8:b7:5e:68:72:85:a8:
fe:73:04:c1:36:b6:ba:44:70:de:38:80:cd:ac:ea:b6:2d:7e:
dd:37:01:73:72:22:2a:a7:cd:6b:06:da:11:06:98:b3:3e:c8:
47:28:4d:a8
-----BEGIN CERTIFICATE-----
MIIHJjCCBg6gAwIBAgIUCmkowpiMORxH26fWU51z4pAZ8eMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTYzNjlGREJCQ0RFNjg1QjQ0NDA0MjlBMjJCNzk2N0JC
QzNDNUUzNjAeFw0yMTA3MzAwMzMzMDlaFw0yMjA3MzAwMzM4MDlaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjQ2MTg0QTk2QzIwNjBENDgz
NjVDMkREQzUxQzY1REY4NzNGNUE1NEFCNTA0QzJGMjk4OUUwRDMxREZCOEMyQzk3
MDVDOTlBMzEwOTA2NDBBOUNCMjFDRTQ3QUNEMjA0Qzc0ODlGQzg0RDk2MUYwMjBD
RDg4NDczMDg1QkJFRTIzNkE0MDZFQkMxMDlGRDNCOEY0RUFFNUZERUYxNjU0Qjc3
OENFMjlFMkJCNzYyRjJCOUVFRjRFNkM0NjE0MEIyOENFMjg5MjQxODIyOTJFNkZE
RkVFRTdEQTkyOTIzQTFBOEI3NERBNzFDNTM2RjUzRDcxNzdGQjY5QkI1NTY2NEFG
MjQ2QTNEMzc4ODc3QTkwNUVDRkUzODFBNjNCNTVBQ0FFRTBGOEJFNzMzNjE2QzI1
QTcxQzFDMjQyQzIwMEY1RjFBMTVDODQ4Njk4MDFGNkQxQTJBNzdBNjQ0OEIwMEQ3
ODE5MjM3MTZBREVFODk2NjI3NDdGNDBDOThDNDA3QkQ0NzZCREMyNThCOUNEMjlG
M0IwMDUxRkNDMjE4NEVCMDQ0MUI3NDhBNTE0MzQ3M0ZBMjYzQ0NBQ0ExMEJDOTcx
RDExRTExMTQwRTIzMkYzNzQ1OTE1RDRBODUxMjQyMzFFQ0E4NzQxQjExQjE1OUVE
RTQ5MUZBQTFFQUNFQ0YwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAtGGEqWwgYNSDZcLdxRxl34c/WlSrUEwvKYng0x37jCyXBcmaMQkG
QKnLIc5HrNIEx0ifyE2WHwIM2IRzCFu+4jakBuvBCf07j06uX97xZUt3jOKeK7di
8rnu9ObEYUCyjOKJJBgikub9/u59qSkjoai3TaccU29T1xd/tpu1VmSvJGo9N4h3
qQXs/jgaY7Vayu4Pi+czYWwlpxwcJCwgD18aFchIaYAfbRoqd6ZEiwDXgZI3Fq3u
iWYnR/QMmMQHvUdr3CWLnNKfOwBR/MIYTrBEG3SKUUNHP6JjzKyhC8lx0R4RFA4j
LzdFkV1KhRJCMeyodBsRsVnt5JH6oerOzwIDAQABo4ICNDCCAjAwHQYDVR0OBBYE
FHGGA34lypqT8eY0yBuazbvF4LHeMB8GA1UdIwQYMBaAFFY2n9u83mhbREBCmiK3
lnu8PF42MA4GA1UdDwEB/wQEAwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDIyMWFkNjctZDM1Yy00NTU5LTlh
NzMtN2M3NGY1MGRjZmZhLzAvNTYzNjlGREJCQ0RFNjg1QjQ0NDA0MjlBMjJCNzk2
N0JCQzNDNUUzNi5jcmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3lu
YzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8yLzU2MzY5RkRC
QkNERTY4NUI0NDQwNDI5QTIyQjc5NjdCQkMzQzVFMzYuY2VyMIGkBggrBgEFBQcB
CwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5u
ZXQvcmVwby8wMjIxYWQ2Ny1kMzVjLTQ1NTktOWE3My03Yzc0ZjUwZGNmZmEvMC8z
MTMwMzMyZTM0MzcyZTMyMzIzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMxMzMz
MzM4MzAzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAmcv5DANBgkqhkiG9w0BAQsFAAOCAQEAcINYATno
pmC5ojjeu8aXselVEBbUSB3MeVzD+e++diOJs9M2Q+5PmICOVqzodknnNPnn0ptV
mKC3sMw7Ue8PASh4ENqTZpccdyxmJYCtRgrrdBrEzKxS0lpprEdbTE1e1mXtSEqD
Ydr77NOjau5/V+97LzQ5wiVR0ZNkodH3U+mgVqF4aOb7zNOVNTpSQoOlPtU/K0kC
36R6/CiVpYaWFcv31j0TKAaQYF9nL8ELVber0BgIYrBqTcGorneKTJuYL5+3GTb9
IkeSYc+ykfkn4tjIt15ocoWo/nMEwTa2ukRw3jiAzazqti1+3TcBc3IiKqfNawba
EQaYsz7IRyhNqA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:58 2023 by rpki-client on console-ams.rpki-client.org